IBM Cloud 
Solution Brief 


Highlights: 


e The Web Application Firewall 
provides seamless integration 
with security and performance 
products including DDoS, Bot 
Management, CDN 


e DDoS protection ensures cloud 
and on-premise applications are 
always available 


e Standardize security SLAs 
across on-premise and multi- 
cloud environments 


e Global load balancing and 
performance optimizations can 
reduce visitor latency by over 2x 


¢ Simplified DNS management 
across cloud environments 
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Cloud Security for Hybrid Cloud 
Implementations with OpenShitt 


Web layer security across all cloud 
environments with IBM CIS 


OpenShift Flexibility 


The public cloud continues to grow and, according to Gartner, it 
is estimated that “cloud shift” across key enterprise IT markets 
will increase to 28% by 2022, up from 19% in 2018. IT organiza- 
tions are increasingly challenged by a variety of management 
tools that will only increase in complexity in the coming years. 


CIOs are stretched thin to maintain the SLAs of the past while 
supporting the latest usage models that employees and 
customers are demanding. As a result, enterprises need the 
right combination of security and flexibility. 


Many enterprise data centers depend on Red Hat OpenShift 
to manage a variety of business-critical workloads while 
providing DevOps the flexibility of deploying containers on any 
cloud environment. 


The benefits of hybrid cloud management with IBM Cloud 


IBM Cloud was designed to support a variety of application 
workloads and environments, including hybrid cloud models. 
With IBM, you benefit from an open platform that supports 
Kubernetes container infrastructure, integrated solutions, and 
DevOps support. IBM helps with cloud migration, modernization, 
and cloud-native applications. You get all of this with a resilient 
networking tier that protects your data from DDoS attacks and 
handles load balancing to avoid network downtime. 


How IBM CIS provides resilience and security 


Defending your business against cyber attacks is especially 
important when critical data is flowing between employees, 
customers, and data centers scattered around the world. 
Even the most well-protected companies have experienced 
denial-of-service attacks or SQL injections that paralyze 
customer transactions. 
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IBM CIS offers a Web Application Firewall (WAF) that blocks malicious attacks that aim to exploit 
vulnerabilities, including SQLi and XSS. This added layer of security provides a uniform solution 
to protect enterprise applications, no matter where they reside: within on-premise data centers 


or across multiple public clouds. 


Crucially, IBM CIS integrates with existing third-party tools and systems. Programmatically 
create rules that block potential threats in near-real-time by integrating the API with third-party 
SIEMs, internal alerting systems, or vulnerability scanners. 


Hybrid Cloud Management with OpenShift 


Hybrid Cloud Management with OpenShift is a 
reference architecture that ensures high avail- 
ability across multiple clouds and workloads. It 
is based on the combination of OpenShift, IBM 
CIS, and IBM Cloud services. When scaling 
existing OpenShift containers on-premise or in 
the IBM Cloud, you can increase reliability 
across all cloud-based applications while 
protecting end-users from cyber attacks. 


As you can see in the reference architecture, 
Hybrid Cloud Management with OpenShift 
provides support to all remote employees look- 
ing to access both critical and non-critical appli- 
cations behind the firewall. IT managers don’t 
have to worry about providing specialized VPNs 
to every employee because this architecture 
uses a cloud-based identity and access manage- 
ment service that authenticates and monitors 
user ingress to any domain, application, or path. 


Other key features of Hybrid Cloud Management 
with OpenShift include: 


e DDoS attack mitigation with an “always-on” denial-of-service 
solution that provides security at a global scale against some 
of the largest threats. With over 30 Tbps of capacity, CIS can 
handle any modern distributed attack, including those 
targeting DNS infrastructure. 


e Load balancing ensures that cloud-based applications don’t 
suffer performance degradation as a result of increased 
utilization or extended distance between the end user and 
application server. 


Public Internet Private Employees 
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IBM CIS multi-cloud security for high availability 


For more information about IBM Cloud, IBM 
CIS, and OpenShift, check out the following 
online resources. 


IBM Cloud: 
https://www.ibm.com/cloud/openshift 


IBM CIS: 
https://www.ibm.com/cloud/cloud-internet-services 
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